3
School of Computing Clemson University Design by Contract  Requirements and guarantees Requires clauses are preconditions Ensures clauses are postconditions  Caller is responsible for requirements  Postcondition holds only if caller meets operation’s requirements

4
School of Computing Clemson University Basics of Mathematical Reasoning  Suppose you are proving the correctness for some operation P Confirm P’s ensures clause at the last state Assume P’s requires clause in state 0